Multiple types of authentication are supported, and more types may be added in the future. Clients should ignore unrecognised authentication types, and the server may add multiple authentication types to support both old and new clients.